
zero trust

also: zero trust architecture, ZTA, zero trust security, never trust, always verify

A security model that assumes no user, device, or network connection is inherently trustworthy and requires continuous verification for every access request, regardless of location or previous authentication.

Zero Trust is a security architecture principle that rejects the traditional "trust but verify" approach. Instead, it treats every access attempt—whether from inside or outside the network—as potentially hostile and requires explicit authentication and authorization.

In a zero trust model, you don't trust someone just because they're on your corporate network or have logged in once. Every request is validated: Who is this user? What device are they using? Is it patched and healthy? Are they accessing an appropriate resource?

Example: A developer accessing production servers does not authenticate just once; they must continuously prove they're authorized for that specific action at that specific time, using multi-factor authentication and device verification.
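The per-request questions above (who is the user, is the device known and patched, is this action appropriate), written as a small policy decision function. This is an added example, not code from the original page; the grant table, the 15-minute MFA window, the 30-day patch limit and all names are assumptions made for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Constructed policy data (assumptions, not from the page).
GRANTS = {("developer", "prod-db", "read"), ("sre", "prod-db", "write")}
MAX_MFA_AGE = timedelta(minutes=15)   # how long one MFA proof stays valid
MAX_PATCH_AGE = timedelta(days=30)    # device must have patched within this window

@dataclass
class Request:
    user: str
    role: str
    mfa_at: Optional[datetime]        # last successful MFA, None if never
    device_enrolled: bool
    device_patched_at: datetime
    source_ip: str                    # kept for audit only, never grants access
    resource: str
    action: str

def decide(req: Request, now: datetime) -> tuple:
    """Evaluate ONE request; returns (allowed, list of failed checks)."""
    reasons = []
    if req.mfa_at is None or now - req.mfa_at > MAX_MFA_AGE:
        reasons.append("mfa_missing_or_stale")
    if not req.device_enrolled:
        reasons.append("device_unknown")
    if now - req.device_patched_at > MAX_PATCH_AGE:
        reasons.append("device_unpatched")
    if (req.role, req.resource, req.action) not in GRANTS:
        reasons.append("action_not_granted")
    # Deliberately no check of source_ip: an internal address earns nothing.
    return (not reasons, reasons)

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 12, 0)  # constructed sample requests
    samples = [
        Request("alice", "developer", now - timedelta(minutes=5), True,
                now - timedelta(days=3), "203.0.113.7", "prod-db", "read"),
        Request("alice", "developer", now - timedelta(hours=2), True,
                now - timedelta(days=3), "10.0.0.5", "prod-db", "read"),
        Request("bob", "developer", None, False,
                now - timedelta(days=90), "10.0.0.9", "prod-db", "write"),
    ]
    for r in samples:
        print(r.user, r.source_ip, r.action, decide(r, now))
```

The second sample comes from an internal address with a two-hour-old MFA proof and is denied, while the first comes from an external address with a fresh proof and is allowed.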

Linux systems implement zero trust through tools like sudo with strict policies, SSH key management, SELinux/AppArmor mandatory access controls, and integration with identity providers. This contrasts with older models that assumed internal networks were safe—zero trust assumes the network itself is compromised.
